Avoiding Spam

Spam, or Unsolicited Commercial Email is now illegal, but we still get it. Here's a few tips on how to reduce it, both unsolicited and solicited.

1) Have 2 email addresses. 1 for spam, one for personal.

chrisfoottit@yahoo.com is my spam address, which I don't mind putting in anything as I don't check it too often and Yahoo! has a fairly comprehensive spam filter (good job - that address gets 20 a day!). When a website of little importance (e.g. message boards, news sites) or unknown reliability requires an email address for functionality, I put in my spam address. If I get bombarded, it's not a great issue. If it gets that bad, you can just change it. So sign up for a spam address with a free email provider!

My "real" email address I use for reputable (ecommerce) web sites and give to friends. Basically anything important. Don't put this into any mailing lists, advertisement programs or any website unless you know they have a good privacy policy.

2) Never reply to SPAM email or click on links within SPAM email.

Clicking links within spam email not only alerts the spammer that the email address is active, it can direct users to web sites that then install viruses, spyware and other malicious code

Never reply to an unsolicited spam email, or click a "remove me" link as clicking links within spam email as this onlyly alerts the spammer that the email address is active and you will get much more! It candirect users to web sites that then install viruses, spyware and other malicious code. (see my SafePC article for more info)

This is very different from opting out from solicited email from reputable companies. See below.

3) Always look for the opt-out clause

Whenever you sign up for services or purchase anything online, always look for the tick boxes!!! Most websites ask if they can send you literature about other services (Solicited Commercial Email), much the same as when you do any home shopping. However, be careful to read how they are worded. The law in the UK recently change to make them opt-in check boxes, but some are still opt-out. Either way, make sure you opt-out of any advertising literature (unless of course you want it).

You can often un-subscribe to mailing lists via email. This is safe to do if it's from a reputable company with a privacy policy.

3) Be courteous to other users

Never, and I mean NEVER put in someone else's email address to a web page when you want to "send this page/product to a friend". It is totally unfair for you to sign someone up for something they are completely unaware of (which is effectively what you are doing).

Instead, copy and past the website address into the body of an email, and send the page or link to them that way.

4) Update Microsoft Outlook 2003

I have to say it, Outlook has a pretty good junk mail filter! It is update regularly so if the odd bit of spam does get though even after my prevention techniques (I do get the odd bit of spam too) go to the Microsoft Update website to check for updates to both Windows and Office.

5) Be wary of Auto-Preview facilities in your e-mail client.

Spammers are smart; they know a lot of the tricks and always find new ways to bug you. The main thing a spammer wants to do is make sure he's got a *real* person he can send his spam to. After all, he wants you to buy his products or in the very least, to send him all your money....

One particularly dastardly trick spammers use to verify a *real* e-mail address is to send you pretty HTML (Web page) e-mail messages. Rather than send the images that make up these web pages as part of the message, the spammers embed links to websites that they own. When you display that e-mail it picks up the images from their website and alerts them to the fact that someone has read that e-mail. If that link holds some identifying codeword they can even isolate it down to a particular e-mail address and product being viewed.

Microsoft Outlook already has features to combat this so it's pretty safe to use. Outlook won't display images on HTML e-mail until you explicitly tell it that you 'trust' the sender of the e-mail. Yahoo has also activated this feature so make sure you use it! However, not all e-mail software is that smart though, so use those Auto-Previews wisely.

6) Obfuscate your real e-mail address.

Sometimes you can't avoid leaving an e-mail address for people to use. After all, you would like your business to have customers so
having a contact e-mail on your website might be inevitable. As spammers regularly search websites for e-mail addresses with automated software (a process referred to as 'harvesting'), it's worth making it hard for them to use your address automatically. One simple method is to put your e-mail address on your site but worded so that a human can decipher it but automated software can't.

For example,
fred@yahoo.com could be written as, fredatyahoo.com, or fredremovethistoemailme@yahoo.com

Adding the human factor back in just makes the spammers lives so much harder....

Other more complex ways to hide addresses exist but you'll need the help of a tame web designer or technical support person.